Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
macromedia vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2004-1478
JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote malicious users to perform a session fixation attack and hijack a user's HTTP session.
Hitachi Cosminexus Enterprise 01 02 2
Hitachi Cosminexus Server Web 01-01 1
Macromedia Jrun 4.0
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
445
VMScore
CVE-2004-0928
The Microsoft IIS Connector in JRun 4.0 and Macromedia ColdFusion MX 6.0, 6.1, and 6.1 J2EE allows remote malicious users to bypass authentication and view source files, such as .asp, .pl, and .php files, via an HTTP request that ends in ";.cfm".
Hitachi Cosminexus Enterprise 01 02 2
Macromedia Jrun 4.0
Hitachi Cosminexus Enterprise 01 01 1
Macromedia Jrun 3.0
Macromedia Jrun 3.1
Hitachi Cosminexus Server Web 01-01 1
Hitachi Cosminexus Server Web 01-01 2
Macromedia Coldfusion 6.0
Macromedia Coldfusion 6.1
694
VMScore
CVE-2005-3901
Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows malicious users to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133).
Macromedia Flash Communication Server 1.5
Macromedia Flash Communication Server 1.0
785
VMScore
CVE-2005-4216
The Administration Service (FMSAdmin.exe) in Macromedia Flash Media Server 2.0 r1145 allows remote malicious users to cause a denial of service (application crash) via a malformed request with a single character to port 1111.
Macromedia Flash Media Server 2.0
Macromedia Flash Media Server 2.0 R1145
1 EDB exploit
383
VMScore
CVE-2003-0208
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote malicious users to insert arbitrary Javascript via the clickTAG field.
Macromedia Flash
668
VMScore
CVE-2002-1310
Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia JRun 4.0 and previous versions allows remote malicious users to execute arbitrary via an HTTP GET request with a long .jsp file name.
Macromedia Jrun
570
VMScore
CVE-2000-0539
Servlet examples in Allaire JRun 2.3.x allow remote malicious users to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
Macromedia Jrun 2.3
755
VMScore
CVE-2007-1403
Multiple stack-based buffer overflows in an ActiveX control in SwDir.dll 10.1.4.20 in Macromedia Shockwave allow remote malicious users to cause a denial of service (Internet Explorer 7 crash) and possibly execute arbitrary code via a long (1) BGCOLOR, (2) SRC, (3) AutoStart, (4)...
Macromedia Shockwave 10.1.4.20
1 EDB exploit
445
VMScore
CVE-2000-1049
Allaire JRun 3.0 http servlet server allows remote malicious users to cause a denial of service via a URL that contains a long string of "." characters.
Macromedia Jrun 3.0
505
VMScore
CVE-2000-1050
Allaire JRun 3.0 http servlet server allows remote malicious users to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash").
Macromedia Jrun 3.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »